//package com.lightjet.macross.base.gateway.config;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
//import org.springframework.security.config.web.server.ServerHttpSecurity;
//import org.springframework.security.web.server.SecurityWebFilterChain;
//
///**
// * @author : lijia
// * @version : 1.0 2020-05-15 09:40
// * description : 认证授权配置
// */
//@EnableWebFluxSecurity
//public class SecurityConfig {
//
//    //security的鉴权排除的url列表
//    private static final String[] excludedAuthPages = {
//            "/auth/login",
//            "/auth/logout",
//            "/health",
//            "/api/socket/**"
//    };
//
//    @Bean
//    SecurityWebFilterChain webFluxSecurityFilterChain(ServerHttpSecurity http) throws Exception {
//        http
//                .authorizeExchange()
////                .pathMatchers("/route**").authenticated()
//                .pathMatchers("/**").permitAll()  //无需进行权限过滤的请求路径
////                .pathMatchers().permitAll() //option 请求默认放行
//               .anyExchange().authenticated()
////                .and()
////                .httpBasic()
////                .and()
////                .formLogin() //启动页面表单登陆,spring security 内置了一个登陆页面/login
//                .and().csrf().disable()//必须支持跨域
//                .logout().disable();
//
//        return http.build();
//    }
//}
